import { Injectable, Logger } from '@nestjs/common';
import { SecurityEventEmitter, SecurityEventPayload } from '../events/security-event.emitter';

@Injectable()
export class SecurityLogger {
  private readonly logger = new Logger(SecurityLogger.name);

  constructor(private readonly securityEventEmitter: SecurityEventEmitter) {}

  /**
   * 记录认证成功事件
   */
  async logAuthSuccess(
    userId: string,
    username: string,
    ipAddress: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitAuthSuccess({
      eventTitle: '用户登录成功',
      eventDescription: `用户 ${username} 成功登录系统`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl: '/auth/login',
      requestMethod: 'POST',
      additionalInfo,
    });
  }

  /**
   * 记录认证失败事件
   */
  async logAuthFailed(
    username: string,
    ipAddress: string,
    reason: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitAuthFailed({
      eventTitle: '用户登录失败',
      eventDescription: `用户 ${username} 登录失败: ${reason}`,
      username,
      ipAddress,
      userAgent,
      requestUrl: '/auth/login',
      requestMethod: 'POST',
      additionalInfo,
      errorMessage: reason,
    });
  }

  /**
   * 记录未授权访问事件
   */
  async logUnauthorizedAccess(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitUnauthorizedAccess({
      eventTitle: '未授权访问',
      eventDescription: `用户 ${username} 尝试访问未授权的资源`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo,
    });
  }

  /**
   * 记录权限拒绝事件
   */
  async logPermissionDenied(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    requiredPermission: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitPermissionDenied({
      eventTitle: '权限拒绝',
      eventDescription: `用户 ${username} 权限不足，需要权限: ${requiredPermission}`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo: { ...additionalInfo, requiredPermission },
    });
  }

  /**
   * 记录验证错误事件
   */
  async logValidationError(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    errorMessage: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitValidationError({
      eventTitle: '数据验证错误',
      eventDescription: `用户 ${username} 提交的数据验证失败`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo,
      errorMessage,
    });
  }

  /**
   * 记录业务错误事件
   */
  async logBusinessError(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    errorMessage: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitBusinessError({
      eventTitle: '业务逻辑错误',
      eventDescription: `用户 ${username} 操作时发生业务错误`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo,
      errorMessage,
    });
  }

  /**
   * 记录系统错误事件
   */
  async logSystemError(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    errorMessage: string,
    stackTrace?: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitSystemError({
      eventTitle: '系统错误',
      eventDescription: `系统在处理用户 ${username} 请求时发生错误`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo,
      errorMessage,
      stackTrace,
    });
  }

  /**
   * 记录可疑活动事件
   */
  async logSuspiciousActivity(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    activity: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitSuspiciousActivity({
      eventTitle: '可疑活动',
      eventDescription: `检测到用户 ${username} 的可疑活动: ${activity}`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo: { ...additionalInfo, activity },
    });
  }

  /**
   * 记录频率限制事件
   */
  async logRateLimitExceeded(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    limit: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitRateLimitExceeded({
      eventTitle: '请求频率超限',
      eventDescription: `用户 ${username} 请求频率超过限制: ${limit}`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo: { ...additionalInfo, limit },
    });
  }

  /**
   * 记录SQL注入尝试事件
   */
  async logSqlInjectionAttempt(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    payload: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitSqlInjectionAttempt({
      eventTitle: 'SQL注入尝试',
      eventDescription: `检测到来自用户 ${username} 的SQL注入尝试`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo: { ...additionalInfo, payload },
    });
  }

  /**
   * 记录XSS尝试事件
   */
  async logXssAttempt(
    userId: string,
    username: string,
    ipAddress: string,
    requestUrl: string,
    requestMethod: string,
    payload: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitXssAttempt({
      eventTitle: 'XSS攻击尝试',
      eventDescription: `检测到来自用户 ${username} 的XSS攻击尝试`,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo: { ...additionalInfo, payload },
    });
  }

  /**
   * 记录自定义安全事件
   */
  async logCustomEvent(
    eventType: any,
    securityLevel: any,
    eventTitle: string,
    eventDescription: string,
    userId?: string,
    username?: string,
    ipAddress?: string,
    requestUrl?: string,
    requestMethod?: string,
    userAgent?: string,
    additionalInfo?: any,
  ) {
    this.securityEventEmitter.emitCustomEvent({
      eventType,
      securityLevel,
      eventTitle,
      eventDescription,
      userId,
      username,
      ipAddress,
      userAgent,
      requestUrl,
      requestMethod,
      additionalInfo,
    });
  }
}
